Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/__aR_MaqU7dfoHvPews-1fJZfCA.roa
File: __aR_MaqU7dfoHvPews-1fJZfCA.roa (raw, json)
Hash identifier: r6Z+pTYtHYppY8nR/UlmXHOJxzrhF2KIYVO0WyfgiTA=
Subject key identifier: FF:F6:91:FC:C6:AA:53:B7:5F:A0:7B:CF:7B:0B:3E:D5:F2:59:7C:20
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F93FC1E507D184124E1D690FAAA687121
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/__aR_MaqU7dfoHvPews-1fJZfCA.roa
Signing time: Mon 20 May 2024 03:12:04 +0000
ROA not before: Mon 20 May 2024 03:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:93:fc:1e:50:7d:18:41:24:e1:d6:90:fa:aa:68:71:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 20 03:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fff691fcc6aa53b75fa07bcf7b0b3ed5f2597c20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b5:82:6b:c6:66:ec:47:db:46:47:b0:62:6c:
bc:21:93:31:20:e9:e6:d8:d8:a4:ad:59:d2:74:06:
a6:c5:64:e2:6d:45:e0:c6:cf:3f:0f:08:db:ec:8d:
95:c2:4e:e1:c8:84:3d:32:57:e7:fc:32:61:d0:d3:
31:e0:c7:0f:65:43:9a:4d:bc:c3:4a:17:ee:ab:f0:
91:61:5e:be:a4:e9:fa:a2:c5:d9:35:cc:69:2b:35:
24:09:b9:4f:51:01:6b:53:e4:e9:19:4d:4b:71:33:
ed:69:26:8b:a5:cf:f7:27:b9:39:ed:5c:69:84:5c:
fe:82:76:fc:68:dd:a3:59:e0:ae:08:94:33:56:d6:
b6:d8:95:24:56:2e:e7:be:67:e5:76:cb:2f:55:6b:
a0:1b:d5:cf:fe:fc:2b:8b:79:54:69:a8:87:e5:20:
20:b7:60:e9:7e:94:d6:15:3f:61:6b:c5:f6:22:73:
dd:7e:0a:d2:8d:48:5f:80:bb:e1:6f:4f:3c:c6:5d:
a0:36:c6:c5:fb:1f:cc:53:8f:6b:ec:81:0a:3b:50:
78:46:2c:bf:db:93:26:86:1d:66:bb:bd:0e:30:2d:
21:e9:4c:29:df:50:6c:bb:d9:33:b2:cb:66:d7:bb:
48:52:0d:06:71:d8:6e:3c:4e:1a:90:21:e1:95:14:
75:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:F6:91:FC:C6:AA:53:B7:5F:A0:7B:CF:7B:0B:3E:D5:F2:59:7C:20
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/__aR_MaqU7dfoHvPews-1fJZfCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
82:b3:01:0c:0b:76:01:ea:df:ff:21:90:21:1c:a6:c9:63:3d:
ed:89:87:ab:ae:e3:e8:cc:b4:94:eb:eb:9e:ec:06:7d:9a:a3:
19:ff:03:56:7f:ca:67:46:11:f4:ed:60:2f:98:14:48:4c:b2:
e6:3b:25:45:77:9b:c2:47:c7:b0:11:70:52:d8:b9:3c:f0:b9:
fb:89:c0:ff:c5:9e:98:1a:6f:39:a8:46:2a:27:64:bf:1c:fd:
f4:5d:77:48:20:87:30:8b:97:73:b9:c8:d5:0b:5b:a2:5b:91:
69:45:ea:12:14:ce:d3:96:a3:02:ef:eb:81:da:98:54:bf:de:
23:10:29:51:e5:ca:1d:cb:68:bb:00:07:88:25:f0:fd:86:1a:
bc:f4:d2:7e:8d:50:30:9d:52:11:70:db:ac:bd:53:b7:ba:96:
0c:78:fa:66:bf:71:85:bf:cf:08:ce:dc:c6:f2:92:81:4b:f9:
51:8f:30:f0:98:06:82:3a:99:e0:34:1b:6f:a4:d8:a2:85:76:
7e:15:06:6f:71:ce:8e:01:7e:5c:61:5a:ba:20:c1:3f:e2:9e:
2c:62:7f:2a:c0:79:20:f9:90:af:16:df:39:cd:76:c5:a8:ab:
05:35:bc:56:21:8d:23:ac:92:e6:ae:d7:51:ee:03:b0:95:2a:
dc:1a:ed:0c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+T/B5QfRhBJOHWkPqqaHEhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTIwMDMxMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmY2OTFmY2M2YWE1M2I3NWZhMDdiY2Y3YjBiM2VkNWYyNTk3YzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybWCa8Zm7EfbRkewYmy8IZMxIOnm
2NikrVnSdAamxWTibUXgxs8/Dwjb7I2Vwk7hyIQ9Mlfn/DJh0NMx4McPZUOaTbzD
Shfuq/CRYV6+pOn6osXZNcxpKzUkCblPUQFrU+TpGU1LcTPtaSaLpc/3J7k57Vxp
hFz+gnb8aN2jWeCuCJQzVta22JUkVi7nvmfldssvVWugG9XP/vwri3lUaaiH5SAg
t2DpfpTWFT9ha8X2InPdfgrSjUhfgLvhb088xl2gNsbF+x/MU49r7IEKO1B4Riy/
25Mmhh1mu70OMC0h6Uwp31Bsu9kzsstm17tIUg0GcdhuPE4akCHhlRR1lQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP/2kfzGqlO3X6B7z3sLPtXyWXwgMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvX19hUl9NYXFVN2Rmb0h2UGV3cy0xZkpaZkNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIKzAQwLdgHq3/8hkCEc
psljPe2Jh6uu4+jMtJTr657sBn2aoxn/A1Z/ymdGEfTtYC+YFEhMsuY7JUV3m8JH
x7ARcFLYuTzwufuJwP/FnpgabzmoRionZL8c/fRdd0gghzCLl3O5yNULW6JbkWlF
6hIUztOWowLv64HamFS/3iMQKVHlyh3LaLsAB4gl8P2GGrz00n6NUDCdUhFw26y9
U7e6lgx4+ma/cYW/zwjO3MbykoFL+VGPMPCYBoI6meA0G2+k2KKFdn4VBm9xzo4B
flxhWrogwT/inixifyrAeSD5kK8W3znNdsWoqwU1vFYhjSOskuau11HuA7CVKtwa
7Qw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org